"An advanced persistent threat (APT) is a cyberattack executed by criminals or nation-states with the intent to steal data or surveil systems over an extended time period. The attacker has a specific target and goal, and has spent time and resources to identify which vulnerabilities they can exploit to gain access, and to design an attack that will likely remain undetected for a long time. That attack often includes the use of custom malware." - Roger A. Grimes, CSO
This repository contains the data from "APT Groups and Operations" (https://apt.threattracking.com) in SQL. I made a few light changes to correct grammatical mistakes and to make sure that the commands work. I tested it with MySQL 5.6.
All credit for the information goes to Florian Roth (@cyb3rops) and to the contributors: Pasquale Stirparo (@pstirparo), David Bizeul (@davidbizeul), Brian Bell (@Biebermalware), Ziv Chang (@Gasgas4Ggyy), Joel Esler (@joelesler), Kristopher Bleich (@kc0iqx_bleich), Maite Moreno (@mmorenog), Monnappa K A (@monnappa22), J. Capmany (@theweeZ), Paul Hutchinson (@AllAboutAPT), Boris Ivanov (@BlackCaesar1973), Andre Gironda (@andregironda), Devon Ackerman (@aboutdfir), Carlos Fragoso (@cfragoso), Eyal Sela (@eyalsela), Florian Egloff (@egflo).
License: Attribution 4.0 International (CC BY 4.0). See the "LICENSE" file.